Genesys Cloud - Main

​Hi All,

We have a serious issue with one of our customers, there are over 700 users in the Org and some users are changing their name and picture to match another user (impersonating other staff).  Then messaging other users directly with abuse.

We cannot find any way to restrict users from changing their names in the system or no audit trail for changes or logs of direct messages?

Does anyone know anyway around this?

Thanks Luke
#PlatformAdministration
#SystemAdministration

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

There are not specific permissions for that.  I found an idea https://purecloud.ideas.aha.io/ideas/CLINB-I-504 for restricting user name changes; vote for it if you agree.  You can file another idea for picture.  From some testing, I found that if you add the HR section to a user's profile, they can't remove the section or change the official name or employee id unless the user has either the directory:user:edit or directory:userProfile:edit permission. 

For the users who get the abuse: tell them not to exit the chat, just leave it in their Direct Message list.  If the abuser switched their username/picture back to their real name/pic, the user will see it.  They will need to refresh the UI after the switch to see the changed values.  Each user has a unique id that never changes, no matter what they do to their username or any other field.

------------------------------
Melissa Bailey
Genesys - Employees
------------------------------

Original Message:
Sent: 03-15-2019 11:22
From: Luke Mitchell
Subject: Restrict users from changing their name or change/chat audit

​Hi All,

We have a serious issue with one of our customers, there are over 700 users in the Org and some users are changing their name and picture to match another user (impersonating other staff).  Then messaging other users directly with abuse.

We cannot find any way to restrict users from changing their names in the system or no audit trail for changes or logs of direct messages?

Does anyone know anyway around this?

Thanks Luke
#PlatformAdministration
#SystemAdministration

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

Hi Luke, 

Have you tried to configure the Profile Fields under Directory in Admin? You can limit the changes to be made by people that have the Master Admin role only for example 
there's more info in the resource center
https://help.mypurecloud.com/articles/profile-layout-page/

------------------------------
Spark NZ Trading
------------------------------

Original Message:
Sent: 03-15-2019 11:22
From: Luke Mitchell
Subject: Restrict users from changing their name or change/chat audit

​Hi All,

We have a serious issue with one of our customers, there are over 700 users in the Org and some users are changing their name and picture to match another user (impersonating other staff).  Then messaging other users directly with abuse.

We cannot find any way to restrict users from changing their names in the system or no audit trail for changes or logs of direct messages?

Does anyone know anyway around this?

Thanks Luke
#PlatformAdministration
#SystemAdministration

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

Thanks both,

I have had a look through profile fields but cannot find any way to prevent a user changing their name, which seems like quite an issue with the product

I have voted for the idea too

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

Original Message:
Sent: 03-15-2019 22:50
From: Donny Chai
Subject: Restrict users from changing their name or change/chat audit

Hi Luke,

Have you tried to configure the Profile Fields under Directory in Admin? You can limit the changes to be made by people that have the Master Admin role only for example
there's more info in the resource center
https://help.mypurecloud.com/articles/profile-layout-page/

------------------------------
Spark NZ Trading

Original Message:
Sent: 03-15-2019 11:22
From: Luke Mitchell
Subject: Restrict users from changing their name or change/chat audit

​Hi All,

We have a serious issue with one of our customers, there are over 700 users in the Org and some users are changing their name and picture to match another user (impersonating other staff).  Then messaging other users directly with abuse.

We cannot find any way to restrict users from changing their names in the system or no audit trail for changes or logs of direct messages?

Does anyone know anyway around this?

Thanks Luke
#PlatformAdministration
#SystemAdministration

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

Completely agree with this thread. This isn't Facebook, Twitter, or Instagram. These aren't personal accounts, this is business data often with business, contractual, or regulatory control requirements. I say that because the page you mentioned (https://help.mypurecloud.com/articles/profile-layout-page/) has been modified eliminating the ability to control edit access by role. It seems whatever was there when the code was changed is what remains in force. This deprecation (https://help.mypurecloud.com/articles/deprecation-field-level-permissions/) was neither well conceived nor executed, IMHO. Which is evidenced by the "idea" referenced in this thread ( https://purecloud.ideas.aha.io/ideas/CLINB-I-504). Directory data being readable by all is significantly different than being writable by all. Who has access to modify directory information should be decided and configured by the customer based on their specific requirements. One of the first things any security conscious organization would do is go in and restrict who can change directory information fields based on their needs and compliance requirements.

Update
I was looking through the permissions and found a gaggle of profile related permissions (I'm not assuming this is an inclusive list):

General > Person Administration

Directory > User > *

Directory > userProfile > *

General > User Administration

General > User Manager

General > Employee

It seems like a recently implemented deprecation step has muddied these waters further since a user's ability to edit their profile (the permission doesn't specify the scope of that ability) devolves to the required "General > Employee" permission without which nothing works. That ability really needs to be controlled by field.

------------------------------
Patrick Rada
Keypath Education LLC
------------------------------

Original Message:
Sent: 03-15-2019 22:50
From: Donny Chai
Subject: Restrict users from changing their name or change/chat audit

Hi Luke,

Have you tried to configure the Profile Fields under Directory in Admin? You can limit the changes to be made by people that have the Master Admin role only for example
there's more info in the resource center
https://help.mypurecloud.com/articles/profile-layout-page/

------------------------------
Spark NZ Trading

Original Message:
Sent: 03-15-2019 11:22
From: Luke Mitchell
Subject: Restrict users from changing their name or change/chat audit

​Hi All,

We have a serious issue with one of our customers, there are over 700 users in the Org and some users are changing their name and picture to match another user (impersonating other staff).  Then messaging other users directly with abuse.

We cannot find any way to restrict users from changing their names in the system or no audit trail for changes or logs of direct messages?

Does anyone know anyway around this?

Thanks Luke
#PlatformAdministration
#SystemAdministration

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------